Pidgin: Multiple vulnerabilities
— GLSA 201701-38

Multiple vulnerabilities have been found in Pidgin, the worst of
which could lead to execution of arbitrary code.

Affected Packages

Package

net-im/pidgin on all architectures

Affected versions

< 2.11.0

Unaffected versions

>= 2.11.0

Background

Pidgin is a client for a variety of instant messaging protocols.

Description

Multiple vulnerabilities have been discovered in Pidgin. Please review
the CVE identifiers referenced below for details.

Impact

A remote attacker might send specially crafted data using the MXit
protocol, possibly resulting in the remote execution of arbitrary code
with the privileges of the process, a Denial of Service condition, or in
leaking confidential information.